diff --git a/app/Config/Routes.php b/app/Config/Routes.php
index 0aed15a..673ee59 100644
--- a/app/Config/Routes.php
+++ b/app/Config/Routes.php
@@ -25,24 +25,6 @@ $routes->group('cli', ['namespace' => 'App\Controllers\CLI'], function ($routes)
 });
 $routes->group('admin', ['namespace' => 'App\Controllers\Admin', 'filter' => 'authFilter:manager'], function ($routes) {
 $routes->get('/', 'Home::index');
- $routes->group('user', function ($routes) {
- $routes->get('/', 'UserController::index');
- $routes->get('create', 'UserController::create_form', ['filter' => 'authFilter:master']);
- $routes->post('create', 'UserController::create', ['filter' => 'authFilter:master']);
- $routes->get('modify/(:num)', 'UserController::modify_form/$1');
- $routes->post('modify/(:num)', 'UserController::modify/$1');
- $routes->get('delete/(:num)', 'UserController::delete/$1', ['filter' => 'authFilter:master']);
- $routes->get('toggle/(:num)/(:any)', 'UserController::toggle/$1/$2');
- $routes->post('batchjob', 'UserController::batcjob');
- $routes->get('download/(:alpha)', 'UserController::download/$1');
- });
- $routes->group('usersns', function ($routes) {
- $routes->get('/', 'UserSNSController::index');
- $routes->get('delete/(:num)', 'UserSNSController::delete/$1', ['filter' => 'authFilter:master']);
- $routes->get('toggle/(:num)/(:any)', 'UserSNSController::toggle/$1/$2', ['filter' => 'authFilter:master']);
- $routes->post('batchjob', 'UserSNSController::batcjob', ['filter' => 'authFilter:master']);
- $routes->get('download/(:alpha)', 'UserSNSController::download/$1');
- });
 $routes->group('mapurl', function ($routes) {
 $routes->get('/', 'MapurlController::index');
 $routes->get('create', 'MapurlController::create_form');
@@ -54,43 +36,62 @@ $routes->group('admin', ['namespace' => 'App\Controllers\Admin', 'filter' => 'au
 $routes->post('batchjob', 'MapurlController::batcjob');
 $routes->get('download/(:alpha)', 'MapurlController::download/$1');
 });
- $routes->group('cloudflare', ['namespace' => 'App\Controllers\Admin\Cloudflare', 'filter' => 'authFilter:cloudflare'], function ($routes) {
- $routes->group('auth', function ($routes) {
- $routes->get('/', 'AuthController::index');
- $routes->get('create', 'AuthController::create_form');
- $routes->post('create', 'AuthController::create');
- $routes->get('modify/(:num)', 'AuthController::modify_form/$1');
- $routes->get('delete/(:num)', 'AuthController::delete/$1', ['filter' => 'authFilter:master']);
- $routes->get('toggle/(:num)/(:any)', 'AuthController::toggle/$1/$2');
- $routes->post('batchjob', 'AuthController::batcjob');
- $routes->get('download/(:alpha)', 'AccountController::download/$1');
- });
- $routes->group('account', function ($routes) {
- $routes->get('/', 'AccountController::index');
- $routes->get('reload/(:num)', 'AccountController::reload/$1');
- $routes->get('download/(:alpha)', 'AccountController::download/$1');
- });
- $routes->group('zone', function ($routes) {
- $routes->get('/', 'ZoneController::index');
- $routes->get('create', 'ZoneController::create_form');
- $routes->post('create', 'ZoneController::create');
- $routes->get('delete/(:alphanum)', 'ZoneController::delete/$1');
- $routes->get('sync/(:alphanum)', 'ZoneController::sync/$1');
- $routes->get('toggle/(:alphanum)/(:any)', 'ZoneController::toggle/$1/$2');
- $routes->post('batchjob', 'ZoneController::batcjob');
- $routes->get('reload/(:alphanum)', 'ZoneController::reload/$1');
- $routes->get('download/(:alpha)', 'ZoneController::download/$1');
- });
- $routes->group('record', function ($routes) {
- $routes->get('/', 'RecordController::index');
- $routes->get('create', 'RecordController::create_form');
- $routes->post('create', 'RecordController::create');
- $routes->get('delete/(:alphanum)', 'RecordController::delete/$1');
- $routes->get('sync/(:alphanum)', 'RecordController::sync/$1');
- $routes->get('toggle/(:alphanum)/(:any)', 'RecordController::toggle/$1/$2');
- $routes->post('batchjob', 'RecordController::batcjob');
- $routes->get('reload/(:alphanum)', 'RecordController::reload/$1');
- $routes->get('download/(:alpha)', 'RecordController::download/$1');
- });
+});
+$routes->group('admin/user', ['namespace' => 'App\Controllers\Admin'], function ($routes) {
+ $routes->get('/', 'UserController::index', ['filter' => 'authFilter:manager']);
+ $routes->get('create', 'UserController::create_form', ['filter' => 'authFilter:master']);
+ $routes->post('create', 'UserController::create', ['filter' => 'authFilter:master']);
+ $routes->get('modify/(:num)', 'UserController::modify_form/$1', ['filter' => 'authFilter:manager']);
+ $routes->post('modify/(:num)', 'UserController::modify/$1', ['filter' => 'authFilter:manager']);
+ $routes->get('delete/(:num)', 'UserController::delete/$1', ['filter' => 'authFilter:master']);
+ $routes->get('toggle/(:num)/(:any)', 'UserController::toggle/$1/$2', ['filter' => 'authFilter:manager']);
+ $routes->post('batchjob', 'UserController::batcjob', ['filter' => 'authFilter:manager']);
+ $routes->get('download/(:alpha)', 'UserController::download/$1', ['filter' => 'authFilter:manager']);
+});
+$routes->group('admin/usersns', ['namespace' => 'App\Controllers\Admin'], function ($routes) {
+ $routes->get('/', 'UserSNSController::index', ['filter' => 'authFilter:manager']);
+ $routes->get('delete/(:num)', 'UserSNSController::delete/$1', ['filter' => 'authFilter:master']);
+ $routes->get('toggle/(:num)/(:any)', 'UserSNSController::toggle/$1/$2', ['filter' => 'authFilter:master']);
+ $routes->post('batchjob', 'UserSNSController::batcjob', ['filter' => 'authFilter:master']);
+ $routes->get('download/(:alpha)', 'UserSNSController::download/$1', ['filter' => 'authFilter:manager']);
+});
+
+$routes->group('admin/cloudflare', ['namespace' => 'App\Controllers\Admin\Cloudflare', 'filter' => 'authFilter:cloudflare'], function ($routes) {
+ $routes->group('auth', function ($routes) {
+ $routes->get('/', 'AuthController::index');
+ $routes->get('create', 'AuthController::create_form');
+ $routes->post('create', 'AuthController::create');
+ $routes->get('modify/(:num)', 'AuthController::modify_form/$1');
+ $routes->get('delete/(:num)', 'AuthController::delete/$1');
+ $routes->get('toggle/(:num)/(:any)', 'AuthController::toggle/$1/$2');
+ $routes->post('batchjob', 'AuthController::batcjob');
+ $routes->get('download/(:alpha)', 'AccountController::download/$1');
+ });
+ $routes->group('account', function ($routes) {
+ $routes->get('/', 'AccountController::index');
+ $routes->get('reload/(:num)', 'AccountController::reload/$1');
+ $routes->get('download/(:alpha)', 'AccountController::download/$1');
+ });
+ $routes->group('zone', function ($routes) {
+ $routes->get('/', 'ZoneController::index');
+ $routes->get('create', 'ZoneController::create_form');
+ $routes->post('create', 'ZoneController::create');
+ $routes->get('delete/(:alphanum)', 'ZoneController::delete/$1');
+ $routes->get('sync/(:alphanum)', 'ZoneController::sync/$1');
+ $routes->get('toggle/(:alphanum)/(:any)', 'ZoneController::toggle/$1/$2');
+ $routes->post('batchjob', 'ZoneController::batcjob');
+ $routes->get('reload/(:alphanum)', 'ZoneController::reload/$1');
+ $routes->get('download/(:alpha)', 'ZoneController::download/$1');
+ });
+ $routes->group('record', function ($routes) {
+ $routes->get('/', 'RecordController::index');
+ $routes->get('create', 'RecordController::create_form');
+ $routes->post('create', 'RecordController::create');
+ $routes->get('delete/(:alphanum)', 'RecordController::delete/$1');
+ $routes->get('sync/(:alphanum)', 'RecordController::sync/$1');
+ $routes->get('toggle/(:alphanum)/(:any)', 'RecordController::toggle/$1/$2');
+ $routes->post('batchjob', 'RecordController::batcjob');
+ $routes->get('reload/(:alphanum)', 'RecordController::reload/$1');
+ $routes->get('download/(:alpha)', 'RecordController::download/$1');
 });
 });
diff --git a/app/Config/Services.php b/app/Config/Services.php
index df7c8ad..abb6fbf 100644
--- a/app/Config/Services.php
+++ b/app/Config/Services.php
@@ -2,6 +2,7 @@
 namespace Config;
+use App\Libraries\MyAuth\MyAuth;
 use CodeIgniter\Config\BaseService;
 /**
@@ -29,4 +30,12 @@ class Services extends BaseService
 * return new \CodeIgniter\Example();
 * }
 */
+ public static function myauth($getShared = true): MyAuth
+ {
+ if ($getShared) {
+ return static::getSharedInstance('myauth');
+ } else {
+ return new MyAuth();
+ }
+ }
 }
diff --git a/app/Filters/AuthFilter.php b/app/Filters/AuthFilter.php
index e34f655..6b64bb4 100644
--- a/app/Filters/AuthFilter.php
+++ b/app/Filters/AuthFilter.php
@@ -25,8 +25,10 @@ class AuthFilter implements FilterInterface
 */
 public function before(RequestInterface $request, $arguments = null)
 {
+ $auth = service('myauth');
+ // log_message("debug", var_export($arguments, true));
 // 로그인 않했으면
- if (!session()->has(SESSION_NAMES['ISLOGIN'])) {
+ if (!$auth->isLoggedIn()) {
 $urlStack = session()->get('url_stack', []) ?? [];
 $urlStack[] = current_url() . ($request->getUri()->getQuery() ? "?" . $request->getUri()->getQuery() : "");;
 session()->set('url_stack', $urlStack);
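Review bot: In `app/Config/Routes.php`, the re-added `auth` group under `admin/cloudflare` registers `delete/(:num)` without the `['filter' => 'authFilter:master']` option that the removed line carried, so deleting a stored Cloudflare credential now requires only the `cloudflare` role. The Cloudflare group also no longer sits inside the `admin` group, so that group's `authFilter:manager` option cannot reach any of these routes (whether it was effectively applied before depends on how the router merges nested group filters). If the relaxation is not intended, restore the per-route option: `$routes->get('delete/(:num)', 'AuthController::delete/$1', ['filter' => 'authFilter:master']);`. The delete, toggle and sync actions remain mapped to GET, which a CSRF check that only covers non-GET methods would not protect; moving them to `post` is worth a follow-up.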
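Review bot: `myauth()` in `app/Config/Services.php` leaves `$getShared` untyped and keeps an `else` after a `return`; this is a point of style only. The signature could read `public static function myauth(bool $getShared = true): MyAuth` and the body `return $getShared ? static::getSharedInstance('myauth') : new MyAuth();`. A short docblock stating that the service wraps the session-backed login state would help, since `AuthFilter` now depends on it for the login check.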
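Review bot: In `AuthFilter::before()`, `$auth` is bound to the `myauth` service here, but the role check in the second hunk reassigns the same name to the session array from `session()->get(SESSION_NAMES['AUTH'])`, so one variable is an object in the login check and an array in the ACL check. Naming the service handle separately keeps the two apart: `$myauth = service('myauth');` and `if (!$myauth->isLoggedIn()) {`. The added commented-out `log_message(...)` line is dead code and is better dropped from the commit. The body of `before()` continues outside this hunk.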
@@ -34,8 +36,9 @@ class AuthFilter implements FilterInterface } //User Role 비교 // 회원 ROLES이 필요ROLE($arguments[0]) 목록에 존재하지 않으면(ACL) $auth = session()->get(SESSION_NAMES['AUTH']); - if (!isset($auth['role']) || !in_array($arguments[0], explode(DEFAULTS['DELIMITER_ROLE'], $auth['role']))) { - return redirect()->back()->with('error', "회원[{$auth['name']}]님은 접속에 필요한 권한이 없습니다. "); + $roles = explode(DEFAULTS['DELIMITER_ROLE'], $auth['role']); + if (!isset($auth['role']) || !in_array($arguments[0], $roles)) { + return redirect()->back()->with('error', "회원[{$auth['name']}]님은 접속에 필요한 권한{$arguments[0]}이 없습니다. "); } } diff --git a/app/Libraries/MyAuth/MyAuth.php b/app/Libraries/MyAuth/MyAuth.php index 54f2ab6..529e7af 100644 --- a/app/Libraries/MyAuth/MyAuth.php +++ b/app/Libraries/MyAuth/MyAuth.php @@ -6,13 +6,17 @@ use App\Entities\UserEntity; use App\Libraries\CommonLibrary; // 참고:https://github.com/SyntaxPhoenix/iloclient -abstract class MyAuth extends CommonLibrary +class MyAuth extends CommonLibrary { private $_session = null; - protected function __construct() + public function __construct() { $this->_session = \Config\Services::session(); } + final public function isLoggedIn(): bool + { + return $this->_session->has(SESSION_NAMES['ISLOGIN']); + } final public function login(UserEntity $entity): void {
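Review bot: In the second hunk of `app/Filters/AuthFilter.php`, the new `$roles = explode(DEFAULTS['DELIMITER_ROLE'], $auth['role']);` line reads `$auth['role']` before the `!isset($auth['role'])` test, so the guard no longer protects the access: a session with no `AUTH` entry or no role now raises a warning or deprecation (possibly surfaced as an error page, depending on the error handler) instead of taking the redirect. `in_array()` is also called without strict comparison, and `$arguments[0]` is read although `$arguments` defaults to `null`. Building the list only when the key exists and comparing strictly keeps the check fail-closed: `$roles = isset($auth['role']) ? explode(DEFAULTS['DELIMITER_ROLE'], $auth['role']) : [];` and `if (!in_array($arguments[0] ?? null, $roles, true)) {`. The error message now echoes the required role name and still interpolates `$auth['name']`, which is unset in exactly the case the guard exists for; `before()` begins outside this hunk.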